[Jifty-commit] r4339 - in jifty/trunk: . lib/Jifty/Plugin/OAuth lib/Jifty/Plugin/OAuth/Action

jifty-commit at lists.jifty.org jifty-commit at lists.jifty.org
Tue Oct 30 18:35:15 EDT 2007


Author: sartak
Date: Tue Oct 30 18:35:14 2007
New Revision: 4339

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm
   jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
   jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t

Log:
 r44443 at onn:  sartak | 2007-10-30 18:34:06 -0400
 More tests, start implementing callbacks, but failing :)


Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm	Tue Oct 30 18:35:14 2007
@@ -21,6 +21,9 @@
     param 'authorize',
         valid_values are qw(allow deny);
 
+    param 'callback',
+        render as 'hidden';
+
 };
 
 =head2 validate_token
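Review bot: The new `callback` param is declared with no validation, and because it is rendered as a hidden field its value is fully client-controlled. The take_action hunk below copies it into the result unchanged, and the `oauth/authorized` template in View.pm turns it into a link with the request token appended, so the confirmation page can end up pointing the user (and the token) at a URL the consumer never registered. I would add a `validate_callback` method next to `validate_token` that accepts an empty value and otherwise requires an absolute web URL, e.g. `$value =~ m{\Ahttps?://}i`, ideally also comparing it with the consumer's registered `url`. The schema block starts outside this hunk, so any existing validation convention there is not visible.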
@@ -63,6 +66,10 @@
         token => $self->argument_value('token'),
     );
 
+    $self->result->content(token_obj => $token);
+    $self->result->content(token     => $token->token);
+    $self->result->content(callback  => $self->argument_value('callback'));
+
     if ($self->argument_value('authorize') eq 'allow') {
         $token->set_authorized('t');
         $self->result->message("Allowing " . $token->consumer->name . " to access your stuff.");

Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm	Tue Oct 30 18:35:14 2007
@@ -94,7 +94,7 @@
     set no_abort => 1;
     my %oauth_params = get_parameters(@params);
 
-    set next => $oauth_params{callback};
+    set callback => $oauth_params{callback};
     set consumer => 'Some application';
     del 'token';
 

Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm	Tue Oct 30 18:35:14 2007
@@ -103,7 +103,10 @@
         class   => 'AuthorizeRequestToken',
     );
 
-    Jifty->web->form->start( call => get 'next' );
+    Jifty->web->form->start();
+    Jifty->web->form->next_page(url => "/oauth/authorized");
+
+    outs $authorize->hidden(callback => get 'callback');
 
     # if the site put the token in the request, then use it
     # otherwise, prompt the user for it
@@ -129,6 +132,44 @@
     Jifty->web->form->end();
 };
 
+=head2 oauth/authorized
+
+Displayed after the user authorizes or denies a request token. Uses a link
+to the callback if provided, otherwise the site's URL.
+
+=cut
+
+template 'oauth/authorized' => page { title => 'XXX' }
+content {
+    my $result    = Jifty->web->response->result('authorize_request_token');
+    my $callback  = $result->content('callback');
+    my $token     = $result->content('token');
+    my $token_obj = $result->content('token_obj');
+
+    $callback ||= $token_obj->consumer->url;
+
+    if (!$callback) {
+        p { "Oops! " . $token_obj->consumer->name . " didn't tell us how to get you back to their service. If you do find your way back, you'll probably need this token: " . $token };
+    }
+    else {
+        $callback .= ($callback =~ /\?/ ? '&' : '?')
+                  .  'oauth_token='
+                  .  $token;
+        set consumer => $token_obj->consumer;
+
+        p {
+            outs 'To return to ';
+            show 'oauth/consumer';
+            outs ', ';
+            hyperlink(
+                label => 'click here',
+                url   => $callback,
+            );
+            outs '.';
+        };
+    }
+};
+
 =head2 oauth/help
 
 This provides a very, very layman description of OAuth for users
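Review bot: In the `oauth/authorized` template, `$result` and `$token_obj` are dereferenced without checking that they exist. The action only stores `token_obj` after it has loaded the token, so a request that reaches this page directly or after a failed validation will presumably die at `$result->content('callback')` or `$token_obj->consumer->url`. A guard at the top such as `return p { "No authorization result to show." } unless $result && $result->content('token_obj');` would keep the page from erroring. Separately, `title => 'XXX'` is a placeholder, and `$token` is concatenated into the query string without URI escaping, which is worth doing even if tokens are expected to be URL-safe.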

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t	Tue Oct 30 18:35:14 2007
@@ -8,7 +8,7 @@
 use TestApp::Plugin::OAuth::Test;
 
 if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
-    plan tests => 33;
+    plan tests => 40;
 }
 else {
     plan skip_all => "Net::OAuth isn't installed";
@@ -27,7 +27,7 @@
 my ($ok, $msg) = $consumer->create(
     consumer_key => 'foo',
     secret       => 'bar',
-    name         => 'FooBar industries',
+    name         => 'FooBar Industries',
     url          => 'http://foo.bar.example.com',
     rsa_key      => $pubkey,
 );
@@ -158,3 +158,85 @@
 }
 # }}}
 
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - plaintext signature",
+    consumer_secret        => 'bar',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# deny it with a request parameter {{{
+$mech->get_ok('/oauth/authorize?oauth_token=' . $token_obj->token);
+$mech->content_like(qr/If you trust this application/);
+$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
+
+$mech->form_number(1);
+$mech->click_button(value => 'Deny');
+
+$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - plaintext signature",
+    consumer_secret        => 'bar',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# allow it with a request parameter {{{
+$mech->get_ok('/oauth/authorize?oauth_token=' . $token_obj->token);
+$mech->content_like(qr/If you trust this application/);
+$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
+
+$mech->form_number(1);
+$mech->click_button(value => 'Allow');
+
+$mech->content_contains("Allowing FooBar Industries to access your stuff");
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - plaintext signature",
+    consumer_secret        => 'bar',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# deny it with a callback {{{
+$mech->get_ok('/oauth/authorize?oauth_callback=http%3A%2f%2fgoogle.com');
+$mech->content_like(qr/If you trust this application/);
+
+$mech->fill_in_action_ok($mech->moniker_for('TestApp::Plugin::OAuth::Action::AuthorizeRequestToken'), token => $token_obj->token);
+$mech->click_button(value => 'Deny');
+
+$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+$mech->content_contains("Click here");
+$mech->content_contains("http://google.com?oauth_token=" . $token_obj->token);
+$mech->content_contains("to return to FooBar Industries");
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - plaintext signature",
+    consumer_secret        => 'bar',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# deny it with a callback + request params {{{
+$mech->get_ok('/oauth/authorize?oauth_token='.$token_obj->token.'&oauth_callback=http%3A%2f%2fgoogle.com%3ffoo%3d=bar');
+$mech->content_like(qr/If you trust this application/);
+$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
+
+$mech->form_number(1);
+$mech->click_button(value => 'Deny');
+
+$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+$mech->content_contains("Click here");
+$mech->content_contains("http://google.com?foo=bar&oauth_token=" . $token_obj->token);
+$mech->content_contains("to return to FooBar Industries");
+# }}}
+
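Review bot: The last block's callback is encoded as `%3ffoo%3d=bar`, which decodes to `?foo==bar`, so the assertion for `http://google.com?foo=bar&oauth_token=` cannot match; the request should end in `google.com%3ffoo%3dbar`. The two callback blocks also assert `"Click here"` and `"to return to FooBar Industries"`, while the template in View.pm emits `'click here'` and `'To return to '`, and `content_contains` is a case-sensitive literal match. Once these pass, it would be worth adding a case that submits a callback with a non-http scheme or a host unrelated to the consumer's registered `url` and asserts that no link to it is rendered. Using a reserved name such as `http://callback.example.com` instead of a real third-party domain would match the consumer fixture's own `url`.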

